Stop Using Microsoft Edge To Download Chrome — Unless You …

For many people who purchase a new Windows 10 PC, Microsoft’s built-in Edge browser has one purpose: to download an alternate browser like Google Chrome. The most common way to do this for people who don’t have the URL memorized? Type “download Chrome” in the address bar and click the first result provided by Bing search. Unfortunately those unsuspecting users have a high chance of downloading malware and adware. That’s because Bing has been serving up malicious but highly visible Google Chrome ads for months .

This weekend, Twitter user Gabriel Landau enjoyed his first few hours with a Windows 10 laptop by doing this exact thing (video in Twitter link). The top result for his “download chrome” search via Edge looked ordinary enough. Except that when he clicked it the resulting domain was “GoogleOnline2018.com.” The fake site isn’t an exact copy of Google’s own Chrome landing page, but looks genuine enough to fool people. The download itself is called “ChromeSetup.exe,” but examining the digital signature reveals “Alpha Criteria Ltd.” That’s definitely not Google.

Brand new Win10 laptop. Attempt to install Chrome. Almost get owned with my very first action. Why is this still happening in 2018, @bing? Please explain. pic.twitter.com/uYJhu7xa9H

Chris Hoffman, EIC of How-To Geek was able to reproduce this error, and several users on Twitter have also complained about it. In his article he points out that the ad comes into rotation every few page refreshes. Because I can’t obtain that result on a fresh Windows 10 install, I suspect it may be targeting users geographically (I live in Europe).

I notified Bing Ads of this issue, and since Landau’s tweet went viral overnight, I have confidence the malicious ad will be removed from Bing Search within the next 24 hours.

But the real issue is that it keeps happening.

I searched the web for similar complaints and found an article from Bleeping Computer dated April 2018. The same type of hijack using Bing Ads from Edge, displayed as the top result, leading to a fake Chrome download that serves up some particularly nasty adware in its installer. The most noticeable difference was the domain name “NewChromeDownload.com.”

And then again 21 days ago from this user on Reddit. You guessed it. Same procedure, same structure, different domain name.

If you have to use Windows 10, don’t use Bing for search. Ever.Microsoft

There’s a pattern here, and it’s a disturbing one. How many people have been affected by these short-lived but recurring hijacks that Microsoft is letting through to millions of people? It’s inexcusable that these types of ads aren’t vetted properly, especially when the majority of browsers automatically know these sites are unsafe.

If you must use Windows 10, go directly to Chrome.com to download Google’s browser, or to Mozilla.org for Firefox. Commit those to memory or just open up Edge and browse directly to google.com. I also highly recommend installing a tracking blocker like DuckDuckGo. If you choose to use the Edge browser, remove Bing as your default search provider by following these steps.

At the very least, please do not use Bing to search for anything. Ever. You probably won’t after reading this.

Related Articles

If you’re on the hunt for an updated, comprehensive and easy to understand digital marketing guide, this is the one for you. This is your Complete Digital Marketing 2019 Guide aimed to give you the […]

DuckDuckGo traffic is soaring, and for good reason. The privacy-focused search engine is gaining popularity as internet users become more aware of the behavior-tracking habits of giants such as Google and Facebook. As a more […]